On this page
![Apache Apache](/uploads/1/2/5/8/125850397/809224526.png)
How to Implement Reverse Proxy With Mod Security This post is related to the project that i did with ModSecurity & Reverse Proxy, you can refer to this post that i already describe the details of 'How To Install ModSecurity On Apache(Ubuntu 12.10) Step By Step Tutorial For Beginners'. Step 1: Installing Apache Web server. First, you need to install Apache if it is not installed on your Ubuntu 18.04 server. First update the Ubuntu package index. $ sudo apt-get update. Then, install Apache: $ sudo apt-get install Apache2. Press Y and hit Enter when prompted to confirm the installation.
- 1 Installation
Secure Your Apache With mod_security
Version 1.0
Author: Falko Timme
Author: Falko Timme
This article shows how to install and configure mod_security. mod_security is an Apache module (for Apache 1 and 2) that provides intrusion detection and prevention for web applications. It aims at shielding web applications from known and unknown attacks, such as SQL injection attacks, cross-site scripting, path traversal attacks, etc.
In the first chapter I will show how to install mod_security on Debian Sarge, Ubuntu 6.06 LTS (Dapper Drake), and on Fedora Core 5, and in the second chapter I will describe how to configure Apache for mod_security which is independent from the distribution you're using.
I want to say first that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!
1 Installation
1.1 Debian Sarge
mod_security is available as a Debian package in the default Debian repositories, therefore the installation is as simple as this:
![Test mod security Test mod security](/uploads/1/2/5/8/125850397/850251155.png)
apt-get install libapache2-mod-security
a2enmod mod-security
/etc/init.d/apache2 force-reload
a2enmod mod-security
/etc/init.d/apache2 force-reload
1.2 Ubuntu 6.06 LTS (Dapper Drake)
The installation is exactly the same as on Debian Sarge:
apt-get install libapache2-mod-security
a2enmod mod-security
/etc/init.d/apache2 force-reload
a2enmod mod-security
/etc/init.d/apache2 force-reload
1.3 Fedora Core 5
On Fedora, you can install and activate mod_security like this:
yum install mod_security
/etc/init.d/httpd restart
/etc/init.d/httpd restart
You should now find the file /etc/httpd/conf.d/mod_security.conf which already contains a basic mod_security configuration:
You can keep this configuration, but to get a better understanding of what mod_security can do, you should comment out the <IfModule mod_security.c>...</IfModule> part, restart Apache, and follow chapter 2. Afterwards you can create your own mod_security ruleset, or just switch back to this one.